Send message to

Do you want to send the message without a subject?
Please note that your message can be maximum 1000 characters long
Special characters '<', '>' are not allowed in subject and message
reCaptcha is invalid.
reCaptcha failed because of a problem with the server.

Your message has been sent

You can find the message in your personal profile at "My messages".

An error occured

Please try again.

Make an appointment with

So that you can make an appointment, the calendar will open in a new tab on the personal profile of your contact person.

Create an onsite appointment with

So that you can make an onsite appointment, the appointment request will open in a new tab.

Header of Global Information Distribution GmbH
Forums it-sa Expo Knowledge Forum B

Hackers versus heroes - a dance on the cyber security data tightrope

The battle for your cyber security has already begun. Remain unassailable! We'll show you how to do it.

calendar_today Wed, 23.10.2024, 11:15 - 11:30

event_available On site

place Forum, Booth 6-235

Action Video

south_east

Action description

south_east

Speaker

south_east

Themes

Data security / DLP / Know-how protection Legislation, standards, regulations Governance, Riskmanagement and Compliance Data Center Trend topic

Key Facts

  • Use of the BOOST protocol (not vulnerable)
  • Data is written away in “WORM mode” (retention lock)
  • Option of a cyber vault for additional security

Action Video

grafischer Background
close

This video is available to the it-sa 365 community. 
Please register or log in with your login data.

Action description

What happens when people trust when they shouldn't?
They become blind to dangers and make themselves vulnerable.

The number of ransomware attacks is increasing dramatically. The question is not whether a company will be attacked and encrypted, but rather when this will happen. The many cases that are heard or read in the media every day are increasing sensitivity. The pattern is different. Often, companies are first encrypted in the backup and then the attacker systematically moves on to the primary systems. Depending on when the attack is noticed, what can still be saved can be saved: pull the plug, emergency manual, determine damage, procure equipment, rebuild the system, etc. In many cases, a report must be made to the BSI (Federal Office for Information Security), which then means that the affected systems must first be examined in order to identify the perpetrator and must not be used until the attack is completed.

Due to the increasing threat of ransomware attacks, Dell Technologies has developed protection software that is currently unique in its concept and capabilities. Cyber Recovery is included with the newer PowerProtect Data Domain systems and forms a kind of last line of defense against all types of malware attacks. If customers use a Data Domain as the target storage for the backup in the first expansion stage, they can use these two advantages that make it more difficult for attackers to encrypt the systems. One is the so-called BOOST protocol, which has not been attacked so far, the second is the "Retention Lock" function, in which the data is written away in a "WORM mode" (write once read many) and thus cannot be encrypted. Retention Lock can be used as a governance or compliance mode. This data cannot be changed, overwritten or deleted for the period specified in the retention lock. The compliance mode is used for the company's strict regulatory standards and secures the Data Domain system against internal and external attacks via a security officer. Once the security officer has been created, all other users only have operational rights and cannot exclude users, delete, change or encrypt data.

Based on the observation that modern ransomware is increasingly targeting backup systems in companies and trying to deactivate or control them, Dell Technologies came up with the concept of a vault, i.e. a safe that is absolutely inaccessible to attackers. This Cyber Recovery Vault (CR Vault) stores a kind of gold copy of the company data so that the previous data status can be restored at any time. What's more, the Cyber Recovery Vault can also accommodate the backup server itself and thus ensure that the recovery routines function properly. With the Dell NetWorker and PowerProtect Data Manager (PPDM) backup solutions, this process can even be automated; with other backup products, the administrator has to set up the server manually. It is then possible to restore not only the data records blocked by the malware, but also the fully configured server, thus restoring a clean and functioning production environment in the shortest possible time.

Protect yourself from attacks from your number one enemy – we will help you and show you how to become more and more secure in individual steps!
... read more

Downloads

Language: German

Questions and Answers: No

close

This content or feature is available to the it-sa 365 community. 
Please register or log in with your login data.